Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Created NSE script to detect Zimbra 0 day
From: George Chatzisofroniou <sophron () latthi com>
Date: Thu, 19 Dec 2013 20:34:32 +0200

On Wed, Dec 18, 2013 at 06:18:57PM -0600, Ron wrote: 
The issue with the script as-is is, once the vuln is patched, it'll keep
reporting it's vulnerable, I think, unless they just delete the file. if
you try to grab a "bad" file (like /etc/shadow), everything seem to work
fine.

There are some fixes around already. By fixing the LFI, the HTTP response status
won't be 200, so the script will not return a false positive.

It works if I switch out the string.match() with "==".

I don't know why, though! 

That's because Lua string.match() method expects a pattern as a second argument
(not a raw string) and the special "-" character is interpreted as the Lua
modifier for repetitions. Thanks for cathing this. 

-- 
George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault